
[WETH test] Add Reentrancy test

Open jaglinux opened this issue 2 years ago • 2 comments

Possible attack vector: _burn is called after the ETH transfer in WETH withdraw(). In ERC20 _burn(), if the code "balance[from] -=amount" is unchecked or an older Solidity compiler version (0.6 or lower) is used, which does not check for arithmetic underflow.

Signed-off-by: Jagadish Krishnamoorthy [email protected]

Description

Describe the changes made in your pull request here.

Checklist

Ensure you completed all of the steps below before submitting your pull request:

  • [x] Ran forge snapshot?
  • [x] Ran npm run lint?
  • [x] Ran forge test?

Pull requests with an incomplete checklist will be thrown out.

jaglinux, May 17 '22 08:05
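A minimal model of the scenario this pull request describes, added here as an illustration (not code from the PR or from solmate): a constructed WETH-like ledger whose withdraw() sends ETH before burning, run once with checked subtraction and once with wrapping subtraction. The names ModelWETH, Revert and run_reentrant_withdraw are hypothetical, and a Python exception stands in for an EVM revert.

```python
MAX = 2**256  # uint256 wraps modulo 2**256 when arithmetic is unchecked

class Revert(Exception):
    """Models an EVM revert."""

class ModelWETH:
    """Constructed model: withdraw() sends ETH first and burns afterwards."""
    def __init__(self, checked):
        self.checked = checked      # True = compiler-inserted underflow check
        self.balance_of = {}        # token balances
        self.eth = 0                # ETH held by the contract

    def deposit(self, who, amount):
        self.eth += amount
        self.balance_of[who] = self.balance_of.get(who, 0) + amount

    def _burn(self, who, amount):
        bal = self.balance_of.get(who, 0)
        if self.checked and bal < amount:
            raise Revert("arithmetic underflow")
        self.balance_of[who] = (bal - amount) % MAX

    def withdraw(self, who, amount, on_receive):
        if self.eth < amount:
            raise Revert("ETH transfer failed")
        self.eth -= amount
        on_receive(amount)          # receiver's code runs before the burn
        self._burn(who, amount)

def run_reentrant_withdraw(checked):
    """One transaction: caller holds 1 token and re-enters withdraw() once."""
    weth = ModelWETH(checked)
    weth.deposit("others", 5)       # ETH belonging to other depositors
    weth.deposit("caller", 1)
    snapshot = (dict(weth.balance_of), weth.eth)
    received = []

    def on_receive(amount):
        received.append(amount)
        if len(received) == 1:
            weth.withdraw("caller", 1, on_receive)
    try:
        weth.withdraw("caller", 1, on_receive)
        reverted = False
    except Revert:
        weth.balance_of, weth.eth = snapshot   # a revert undoes the whole call
        received.clear()
        reverted = True
    return reverted, sum(received), weth.eth, weth.balance_of["caller"]
```

With checked arithmetic the outer burn underflows and the whole call reverts, leaving all balances unchanged; with wrapping arithmetic the caller receives 2 ETH for 1 token and its token balance wraps to 2**256 - 1.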

nice work, always good to test edge cases

transmissions11, May 17 '22 23:05

@transmissions11 any updates on review and merge?

jaglinux, May 31 '22 03:05